Sunday, 07 May 2017

Foresec Certified Networking Security









REVIEWER FOR AY 2013-2014

FORESEC CERTIFIED IN NETWORKING SECURITY

Instruction: Select the letter of the correct answer.

1.    You have been asked to develop an audit plan for your company. You have been told that there have been constant deletions of files that are being worked on by a team, and that they have had to redo the work a number of times. What type of auditing would you implement to track the access to this resource?

a.    Logon/logoff success

b.    object/file access success

c.     object/file access failure

d.    Logon/logoff failure

2.    Which of the following are a benefit of removing unused or unneeded services and protocols?


a.     More machine resource availability

b.    More network throughput


c.       Less need for administration

d.      More security




3.    Which is the most important reason for the removal of unused, unnecessary, or unneeded protocols, services, and applications?

a.    Increased security

b.    Increased performance

c.     Less need for administration

d.    Less machine resource use.

4.    The component of a DDoS attack that sends commands to DDoS zombie agents is known as a _____.

a.  System Commander                        b.   Console                             c.   Master                        d.    Rootkit

5.    The act of attempting to appear to be someone you’re not in order to gain access to a system is known as which of the following?

a.  Spoofing                                                 b.       DDoS                                c.   Replay                       d.     Sniffing

6.   Which of the following is most likely to make systems vulnerable to MITM attacks?

a.    Weak passwords

b.    Weak TCP sequence numbers

c.     Authentication misconfiguration on routers

d.    Use of the wrong operating systems

7.    Which of the following is the best way to protect your organization from revealing sensitive information through dumpster diving?

a.    Establish a policy requiring employees to change passwords every 30 to 60 days.

b.    Teach employees the value of not disclosing restricted information over the telephone to unknown parties.

c.     Add a new firewall to the network.

d.    Shred all sensitive documentation.

8.    The use of VPNs and __________________ have enabled users to be able to telecommute.

a.  PGP                               b.   S/MIME                              c.   Wireless NICs              d.   RASs

9.    PDAs, cell phones, and certain network cards have the ability to use _____________ networks. Choose the BEST answer.

a.  Wired                           b.   Private                               c.   Wireless                           d.   Antique

10. Which of the following algorithms are available for commercial use without a licensing fee? (Select all that apply)

a.  RSA
b.  DES
c.  IDEA
d.  AES

11. There are three recognized levels of hacking ability in the Internet community. The first is the skilled hacker, who writes the programs and scripts that script kiddies use for their attacks. Next comes the script kiddie, who knows how to run the scripts written by the skilled hackers. After the script kiddies come the _______________ who lack the basic knowledge of networks and security to launch an attack themselves.

a.  Web kiddies              b.   Clickers                            c.   Click kiddies                  d.  Dunce kiddies


12. Your supervisor has charged you with determining which 802.11 authentication method to use when deploying the new wireless network. Given your knowledge of the 802.11 specification, which of the following is the most secure 802.11 authentication method?

a.  Shared-key                      b.   EAP-TLS                     c.   EAP-MD5                             d.     Open

13. What are the two WEP key sizes available in 802.11 networks?

a.    40-bit and 104-bit

b.    24-bit and 64-bit

c.     64-bit and 128-bit

d.    24-bit and 104-bit

14. Which of the following is a weakness in WEP related to the IV? (Select all that apply)

a.    The IV is a static value, which makes it relatively easy for an attacker to brute force the WEP key from captured traffic.

b.    The IV is transmitted in plaintext and can be easily seen in captured traffic.

c.     The IV is only 24 bits in size, which makes it possible that two or more data frames will be transmitted with the same IV, thereby resulting in an IV collision that an attacker can use to determine information about the network.

d.    There is no weakness in WEP related to the IV.

15. You are creating a DMZ for a company and need to allow external users to access Web servers in the DMZ using HTTP/S as well as allow internal users to access the same Web servers using standard HTTP. What is the best way to configure the external and internal firewalls to meet these requirements?

a.    Open port 80 on the external firewall and port 443 on the internal firewall.
b.    Open port 443 on the external firewall and port 80 on the internal firewall.
c.     Open port 80 on the external firewall and port 110 on the internal firewall.
d.    Open port 110 on the external firewall and port 80 on the internal firewall.

16. When you use Java, the JVM isolates the Java applet to a sandbox when it executes. What does this do to provide additional security?

a.    This prevents the Java applet from accessing data on the client’s hard drive.

b.    This prevents the Java applet from communicating to servers other than the one from which it was downloaded.

c.     This prevents the Java applet from failing in such a way that the Java applet is unable to execute.

d.    This prevents the Java applet from failing in such a way that it affects another application.

17. What types of computers might you expect to find located on an intranet? (Choose all that apply)

a.    Publicly accessible DNS servers

b.    Public Web servers

c.     SQL 2000 servers

d.    User workstations

18. Which of the following protocols can be used to secure a VPN connection?

a.  TCP/IP                                 b.   DNS                             c.   MPPE                            d.   AppleTalk

19. You are setting up a test plan for verifying that new code being placed on a Web server is secure and does not cause any problems with the production Web server. What is the best way to test the code prior to deploying it to the production Web server?


a.    Test all new code on a development PC prior to transferring it to the production Web server.

b.    Test all new code on an active internal Web server prior to transferring it to the production Web server.

c.     Test all new code on a duplicate Web server prior to transferring it to the production Web server.

d.    Test all new code on another user’s PC prior to transferring it to the production Web server.

20. To allow its employees remote access to the corporate network, a company has implemented a hardware VPN solution. Why is this considered a secure remote access solution?

a.    Because only the company’s employees will know the address to connect to in order to use the VPN.

b.    Because VPNs use the Internet to transfer data.

c.     Because a VPN uses compression to make its data secure.

d.    Because a VPN uses encryption to make its data secure.

21. The network team at your company has placed a sniffer on the network to analyze an ongoing network-related problem. The team connects to the sniffer using Telnet to view the data going across the network. What would you recommend to increase the security of this connection without making it significantly more difficult for the network team members to do their jobs?

a.    Require the network team to remove the sniffer immediately.

b.    Require the network team to view the data from the local console of the sniffer.
c.     Encrypt the connection to the sniffer using PAP.
d.    Use SSH to make the connection to the sniffer rather than Telnet.

22. Some new servers are being installed on your company’s network and you have been asked to work with the installer to ensure that they are as secure as possible from hack attempts. What is the most important step you should take to ensure that the servers’ OSs are secure?

a.    Make sure that the installer is certified.

b.    Make sure that the latest OS service pack is installed.

c.     Make sure that the latest OS service pack and all security patches are installed.

d.    Make sure that the servers have locks on the hot-swap drive chassis.

23. Rick is a security auditor for your company. He is in the process of attempting to attack one of your servers but when you check all of your production servers, you detect no attacks happening. Why is this so?

a.    Rick is actually attacking a server in someone else’s network.

b.    Rick is actually attacking a honeypot, not a production server.

c.     Rick is being stopped at the firewall.

d.    Rick is using the wrong account with which to launch the attack.

24. Public Key Cryptography is a system that uses a mix of symmetric and ___________ algorithms for the encryption of a secret key.
a.  Public                                    b.   Asymmetric                             c.   Private                              d.     Certificate

25. Sally has come to you for advice and guidance. She is trying to configure a network device to block attempts to connect on certain ports, but when she finishes the configuration, it works for a period of time but then changes back to the original configuration. She cannot understand why the settings continue to change back. When you examine the configuration, you find that the __________ are incorrect, and are allowing Bob to change the configuration, although he is not supposed to operate or configure this device. Since he did not know about Sally, he kept changing the configuration back.

a.  MAC settings                    b.   DAC settings                   c.   ACL settings                       d.   Permissions

26. Josh has asked for a clarification of what a firmware update is. How could you briefly describe for him the purpose of firmware updates? (Pick the best answer)

a.    Firmware updates are control software- or BIOS-type updates that are installed to improve the functionality or extend the life of the device involved.

b.    Firmware updates are device-specific command sets that must be upgraded to continue operation.

c.     Firmware updates update the mechanical function of the device.

d.    Firmware updates are minor fixes, and are not usually necessary.

27. Your FTP server was just compromised. When you examine the settings, you find that the server allows Anonymous access. However, you know that this is a default condition in most FTP servers, and must dig further for the problem. Where else might you check?

a.    Access permissions on server’s file structure

b.    ACL settings for server access

c.     Effective permissions for the anonymous access

d.    All of the above

28. The PKI identification process is based upon the use of unique identifiers, known as _____.
a.  Licenses                              b.   Fingerprints             c.   Keys                             d.   Locks

29. You have downloaded a CD ISO image and want to verify its integrity. What should you do?

a.    Compare the file sizes.

b.    Burn the image and see if it works.

c.     Create an MD5 sum and compare it to the MD5 sum listed where the image was downloaded.

d.    Create an MD4 sum and compare it to the MD4 sum listed where the image was downloaded.

30. If you wanted to encrypt a single file for your own personal use, what type of cryptography would you use?

a.    A proprietary algorithm

b.    A digital signature

c.     A symmetric algorithm

d.    An asymmetric algorithm


For a more learning matter you can :


1 comment:

  1. https://drive.google.com/drive/folders/0B1GcLTogwhteZHZpY3ZsbUhYMDA

    Why can't it be found?
